On 21 July 2020, the Monetary Authority of Singapore (MAS) released a consultation paper seeking the public’s views on a proposed Omnibus Act for the financial sector that seeks to meet the increasing need for a sectorwide regulatory approach to complement the MAS’ existing entity- and activity-based regulatory approach. The Omnibus Act would therefore allow MAS to better address emerging risks and challenges that may impact the financial sector.

Overview

The current provisions in the Monetary Authority of Singapore Act (Cap. 186) that relate to the MAS’ regulatory oversight of different classes of financial institutions will be moved to the Omnibus Act. These provisions relate to the prevention of money laundering and terrorism financing, the control and resolution of financial institutions and the oversight of financial sector dispute resolution schemes.

In addition, MAS intends to introduce new provisions on the following areas:

1. a harmonised and expanded power to issue prohibition orders;
2. a new part to regulate virtual asset service providers created in Singapore for anti-money laundering and countering of financing of terrorism purposes;
3. a harmonised power to impose requirements on technology risk management; and
4. providing mediators, adjudicators and employees of an operator of an approved dispute resolution scheme with statutory protection from liability.

Harmonised and Expanded Power to Issue Prohibition Orders

Current

The MAS only has power to issue prohibition orders under the Securities and Futures Act (Cap. 289) (SFA), the Financial Advisers Act (Cap. 110) and the Insurance Act (Cap. 142). This means that the MAS cannot issue prohibition orders to persons regulated under other pieces of legislation administered by the MAS (for instance, the Banking Act, the Business Trusts Act, the Finance Companies Act, the Payment Services Act and the Trust Companies Act) even if they have committed serious misconduct in the financial industry.

Proposed

Under the Omnibus Act, the MAS will be given a harmonised and expanded power to issue prohibition orders to any person who is not fit and proper to engage in regulated activities and their identified roles and functions across the financial industry.

The sole benchmark for issuing prohibition orders would be based on the fit-and-proper test, which replaces the current list of specific criteria. The fit-and-proper test is set out in MAS’ Guidelines on Fit and Proper Criteria (Guideline No: FSG-G01), and comprise the following elements: (i) honesty, integrity and reputation; (ii) competence and capability; and (iii) financial soundness.

This new power to issue prohibition orders will be exercised in a risk-proportionate manner that takes into account the nature and severity of the misconduct and its impact on the financial industry.

The MAS has proposed to add specified functions to the scope of the prohibition orders. These are: (i) handling of funds, including safeguarding or administration of a digital payment token or digital payment token instrument; (ii) risk-taking; (iii) risk management and control; and (iv) critical system administration.

As with the MAS’ current prohibition order powers, the new power will also provide aggrieved individuals a right of appeal to the minister within 30 days of a decision.

The MAS proposes to also include a power to prescribe additional specified functions in subsidiary legislations, which would allow the MAS to respond swiftly to include new functions as the financial industry develops and new risks emerge. The power to add new functions will be exercised for the purpose of protecting trust or deterring misconduct in the financial industry.

Regulating Virtual Asset Service Providers for Anti-Money Laundering and Financial Counterterrorism Purposes

Current

The MAS’ current legislation captures an entity that carries on the business of conducting certain virtual asset activities in Singapore[1], regardless of whether the entity is created in Singapore.

Proposed

In line with the enhanced Financial Action Task Force (FATF) standards, the MAS intends to regulate businesses that provide virtual asset activities outside of Singapore by digital token service providers which are entities created in Singapore for money laundering and terrorism financing risks.

The MAS intends to apply licensing and ongoing requirements on digital token service providers to ensure that such entities have a meaningful presence in Singapore subject to MAS has adequate supervisory oversight over them.

In particular, digital token service providers that provide the following virtual asset activities outside of Singapore will be captured under the proposed framework:

1. dealing in digital tokens;
2. facilitating the exchange of digital tokens;
3. inducing or attempting to induce any person to enter into or to offer to enter into any agreement for or with a view to buying or selling any digital tokens in exchange for any money or any other digital tokens (whether of the same or a different type);
4. accepting digital tokens for the purposes of transferring, or arranging for the transfer of, the digital tokens or arranging for the transmission of digital tokens (where the service provider does not come into possession of the digital tokens);
5. safeguarding or administration of a digital token or digital token instrument, where the service provider has control over the digital token or the digital token associated with the digital token instrument; and
6. providing advisory services relating to the offer or sale of digital tokens.

It is also important to note that the MAS has proposed a new definition of “digital token,” which would include “digital payment tokens” (as defined under the Payment Services Act) as well as “digital representations of capital markets products.”

Digital token service providers will have to apply for a licence to carry out such activities outside of Singapore and are expected to be subject to certain requirements[2] such as:

1. having at least one executive director resident in Singapore, with all the CEO, directors and other equivalent positions qualified as “fit and proper” persons;
2. be incorporated in Singapore with a permanent place of business;
3. satisfying certain financial requirements as prescribed by the MAS; and
4. establishing and staffing an adequate anti-money laundering and countering of financing of terrorism compliance function in Singapore.

Harmonised Power to Impose Requirements on Technology Risk Management

Current

The MAS relies on the powers given to it in the respective legislations to specify the requirements on technology risk management for regulated activities.

Proposed

To facilitate the MAS’ ability to impose technology risk management requirements on any financial institution or any class thereof in relation to its system(s) irrespective of whether the system(s) supports a regulated activity, it is proposed that new powers be introduced to issue directions or make regulations on technology risk management under the Omnibus Act. This is because systems that do not support regulated activities can pose a risk to regulated systems due to interlinkages.

To establish a sufficiently high maximum penalty for breaches of requirements to signal the importance of technology risk management, the Omnibus Act proposes that the maximum penalty for breaches of regulations and notices issued by the MAS be S$1 million.

Provide Mediators, Adjudicators and Employees of an Operator of an Approved Dispute Resolution Scheme with Statutory Protection from Liability

Current

The MAS requires financial institutions prescribed under the MAS (Dispute Resolution Scheme) Regulations 2007 to subscribe as members of an approved dispute resolution scheme. The objective is to provide consumers with an independent and affordable avenue for resolving disputes with their financial institutions.

Proposed

Under the new provision, a mediator, adjudicator or employee of an operator of an approved dispute resolution scheme will not be liable for an act or omission done with reasonable care and in good faith. Mediators, adjudicators and employees will, however, continue to be liable for acts involving wilful misconduct, negligence, fraud or corruption.

Harmonisation of Inspection Powers and Imposition of General Duty to Use Reasonable Care Not to Provide False Information

Current

The MAS relies on the various powers in the MAS Act to conduct inspections on the compliance of financial institutions with applicable regulations.

Proposed

The MAS intends to consolidate its inspection powers currently contained in the MAS Act into a single part of the Omnibus Act and to expand the powers to include inspections for the purpose of determining the extent of compliance by regulated financial institutions as well as digital token service providers providing virtual asset activities outside of Singapore (whether licensed or exempted) with the technology risk management regulations.

The MAS also intends to impose a general duty to use reasonable care not to provide false information to MAS as part of the Omnibus Act.

Commentary

While the majority of the provisions in the proposed Omnibus Act appears to focus on consolidation and tweaking of the MAS’ existing oversight and enforcement powers, the imposition of a new licensing regime for overseas digital token service providers that are created in Singapore will likely have an impact on fintech platforms that have utilised Singapore as a central hub for expansion into the other Asian markets.

Further, the proposed definition of a “digital token” to include digital representations of capital markets products expands the coverage of the proposed licensing regime beyond just digital payment token service providers and will cover entities offering digital representations of regulated products under the SFA outside of Singapore (unless such digital token activities are already considered regulated activities under the SFA and entities providing the same are already regulated and/or exempted under the SFA accordingly).

The proposed draft legislation appears to impose similar obligations on such digital token service providers as those imposed on licensees under the Payment Services Act such as, the requirement for officers and controllers of the digital token service providers to be “fit and proper,” periodic reporting requirements, audit requirements as well as a physical, staffed presence in Singapore that is “meaningful.”

Should the legislation be passed in its current form, it will be interesting to see if it has a cooling effect on the number of foreign fintech and startup companies that choose Singapore as their base of operations to service other Asian markets. Existing digital token service providers servicing only overseas customers will also have to reevaluate their business models to determine if they will be caught under this new regulatory regime and, if so, will likely have to make significant investments into strengthening their physical and administrative operations in Singapore to satisfy the proposed licensing requirements sought to be imposed by the Omnibus Act.

As the implementation of this regime is in accordance with Singapore’s commitments to FATF standards, it is not likely that the final version of the licensing regime will differ greatly from what has been proposed, and accordingly, it will be prudent for any entities that may potentially be caught under this regime to start considering how their businesses might be affected by the proposed licensing regime.